Sunday, February 25, 2007

USB memory sticks are getting cheaper and more common. The options are expanding for doing much more with them besides just acting as glamorized "floppy drive replacement" storage media.

This list of ten cool ways to use your USB drives has an added bonus...once past the price paid for the USB drive all these items are free! And if you got your USB stick as a "gimmie" prize, then the whole shebang is free!

It was a long day of house-chores, blogging, pestering Alvis to clean her room and "after-school" book areas.

One of Lavie's co-workers ended up giving me a job and a half to complete.

Car Care Completed

She thought that she saw some fluid on the parking slot that Lavie had just earlier pulled out of and called me to check it out.

So Friday night when I got home I crawled around under Lavie's Altima and made sure everything was good. (It was.)

No leaky fluids anywhere...what her friend say may have been condensation runoff or there from another vehicle.

Lavie is really fortunate to have a friend like this one. She is a transplant from Pittsburgh and although they have other local friends, they have a great relationship. Not many people I know would take the time to call another friend's husband (after not getting Lavie) just to make sure things are ok and safe. Pretty kind, in my book. Anyway....

No fluid spots on our concrete. No drips or runs.

Although, I gotta hand it to Nissan. It's no small task trying to wedge oneself under for a good look at the undercarriage on an Altima. It's lowered pretty far, even for a standard suspension package (maybe five or six inches clearance). And the amount of plating and framework underneath would probably rival the heft of a Hummer and the aerodynamics of a NASCAR racer. I forgot just how tight and packed it looked under there. Wowzers.

But during the under-hood inspection I noticed that there was some "scub-corral" like growth around the positive terminal. Bright blue-green. Oh no.

So this afternoon I went down to the auto-parts store, got some terminal cleaner (works better than cola) and a new clamp assembly (just in case).

I've seen a few clamps get so corroded you can't get the bolt off, or maybe the metal gets so thin it fractures....so I wanted to be prepared.

Lavie's battery is still the original Nissan one. I was surprised to notice it had the "caps" on it. As a kid I remember Grandpa pulling the caps off the battery and getting this little eye-dropper looking thing with colored plastic balls in it. He would take a sample and see how they floated and then add water accordingly. Me, I'd just buy a new battery if it came to that.

Luckily, my fears were unfounded (darn those Nissan engineers).

I had gotten out my mechanic's toolbox (a gift from my dad about when I was getting out of college), a roll of paper towels, the can of acid neutralizer, a can of WD-40, a brass wire brush, my terminal brush, a bowl of water and Alvis was in tow.

I began with a heavy soaking with the acid neutralizing spray and many paper towels later I had the battery casing clean along with most of the acid formation--pretty as it was. I was surprised to find I could get both clamps off with minimal fuss, even with the buildup. I disassembled all the clamps (the positive terminal clamp was a six or seven piece affair) bushed them clean with some wire brushes. All the metal parts, including the bolts, threads and nuts were still in great condition under the buildup and gunk. That was really unexpected! I cleaned the terminals with the terminal brush (Alvis was fascinated by that). Sprayed the bolt threads with WD-40 and reassembled.

It started fast and strong. Awesome.

Job well done. Anybody have a vanship I can work on?

But is victory short-lived?

Alvis had got her report card and gotten all A's and one B. Not too shabby!

We decided to take her out to the mall pick up a manga for work well done.

I told Lavie that I still wasn't too pleased with the fit of my latest pairs of jeans. (Oh no!) And would probably be open to looking for a pair or two. Maybe. If she was up to it. Of course, going jean shopping is right around the very bottom of the list of things I would do only if my life depended on it.

It usually never turns out well.

Setting the Ground Rules

Lavie said she was, but expected a few rules to be followed.

I had to keep a positive attitude. (check)

I had to be open to her suggestions and feedback. (reasonable enough)

I had to come all the way out of the dressing rooms and model the fit for her. (Umm. really?)

I had to keep a positive attitude. (didn't she already say that?)

OK. I promised to behave.

So off we went.

We tried a few department stores, but I began getting dangerously close to breaking a few of her rules already.

In the end, I wasn't happy with any of the selections or the fit on my skinny-boy legs, nor was Lavie happy with the fit on my seat. We were both getting, well, bummed.

Alvis alone was happy, having found her copy of a new manga series Kitchen Princess. (I was secretly hoping for a fourth volume of Yotsuba& (still waiting for the Stateside release...) or volume two of Rizelmine (not out yet either)).

Finally in a fit of desperation, I suggested maybe we could try a nearby western-wear store. Surely they could have jeans that could fit a skinny-legged dude.

Did I just fall into the Rodeo?

We asked the tall sales kid, Cowboy Dan for help. He sized me up and marched us down to the end of the jean wall and began pulling jeans like a cowboy pulling lambs out of the herd.

Before I knew it he and Lavie had herded me down into a wood paneled changing stall fit for barn and were tossing the jeans over the top like hay bales into a barn.

I was stunned to find they fit. Really, really good. First time up. Wow.

Lavie made me come out and parade around in front of her, Alvis and Cowboy Dan.

And the Blue Ribbon goes to...

All the judges seem pleased with the fit.

We walked out of the western-wear store with five new pairs of damn-fine-fittin' jeans in several shades of indigo.

Lavie was happy and Alvis was amused. And I?

I guess this life-long Texan city-boy has to finally fess up and admit it; he has a cowboy's body and heart after all.

Who knew?

Now if I could just figure out if horses are as easy to work on as Nissan Altima's....

Lavie and I were watching a recent episode of the CBS Television show Numb3rs.

In this one (like many) the crack F.B.I. team traces (real-time) the location of a bad-guy's Internet access and manages to locate his to a specific home, building, or neighborhood.

This makes for great and exciting TV and while I'm quite confident there are a lot of things law-enforcement (especially the federal agencies) can do, quite speedily, overall I'm not entirely convinced enough to get out my tinfoil hat just yet.

When one connects to the "Net", wirelessly or hard-line, it is through an IP (Internet Protocol) address. That IP address made up of numbers separated with dots tells the data packets where to go and how to get back to you.

Knowing an IP address can generally provide you a fair bit of knowledge about the owner and location of a server.

IP Addresses and WHOIS

Want to know a little bit about, say, Mozilla?

Open a command-prompt box and type the following --> PING www.mozilla.com

Here you get a wide-view map, some performance graphs, and some analysis information for the TraceRoute between their server and the target IP address.

Visualware also provides a Lite Edition free for personal use. It's a great, fun little application that could be useful when troubleshooting home networking issues with your ISP Help Desk. It does lack the map and some other feature that the paid versions include, but it is a good place to get started.

I also like using Foundstone's Trout application to perform traceroute and Whois lookups. It is small, fast and can be kept on a USB stick. It also supports constant pings to monitor traffic times, good for dealing with a flaky network connection.

View an IP Address on a Map

Want to see a closer view of where an IP address is located near?

Drop the IP address into My IP Address Lookup and you can get a nice Google map and some summary information of the ISP's (Internet Service Provider) location.

You can even see a wide-view by street, satellite image, or both, thanks to Google Maps.

This is pretty cool stuff, but depending on how the ISP has set up it's system, most likely will only get you into the general neighborhood area of where the ISP's routers for that IP address are located. Still not at a specific street or building level.

Reality Check

You may not be aware of it, but besides the activity logs on your Net access kept by your ISP, many websites, servers and others may log your IP when you post a comment, upload/download a file(s), register for a user account, etc.

Though generally harmless to you, you could have to face some consequences if someone pulled those logs and came after you for illegal activity.

And that is where the real power of law-enforcement lies. Not so much in the "flashy drama" of real-time network activity tracing, but in the "gum-shoe" detective work of getting an IP address, getting a court-subpoena, and getting log records from an ISP for a particular IP.

Using an IP address, coupled with a MAC (media access control) address, and time-logs, a pretty good case could be made.

Yes, IP and MAC address can be spoofed (for more information see links: IP Spoofing and MAC spoofing), but it's only a matter of time and resources for a determined someone to unravel the Web woven.

Anonymizing tools can help make that task more difficult, but aren't fail-safe.

What following anonymizing tools will do (basically) is to give a different endpoint IP address for your browsing session instead of your "local" IP connection address. For most users...that is usually sufficient.

Going "Covert" with your Browsing

There are some free browsing tools to make it much more difficult to trace an IP from a web-browser session.

TorPark - This is application I am most familiar with from Torrify. Downloaded, it is a specialized build of Firefox (currently v1.5.0.7) that is portable for use directly on a Windows pc or off a USB drive and uses the TOR network for web anonymity.

OperaTor - This is a specialized version of Opera v9.10 that combines TOR and Privoxy. It also is portable.

DemocraKey - This is a new "suite" of secure browsing apps, packaged with a slick auto-launcher. It contains Clamwin for free anti-virus scanning, Thunderbird with GPG email encryption, and the TorPark DemocraKey Mod--a security enhanced version of Firefox 2.0 using TOR. Great for USB key based web-browsing. Be aware, it is not a small package, however.

OS Level Anonymous Browsing

Anonym.OS Live CD - This is a Linux "LiveCD" distribution put out by the kaos.theory group. Based on the OpenBSD 3.8 LiveCD, it comes set up with additional tools for anonymizing and encrypting network connections. More details in this good ArsTechnica review.

Phantomix Live CD - This is another Linux "LiveCD" based on the popular Knoppix distribution.

The benefits of these approaches is that the entire operating system is configured to support anonymous browsing and Net activity. Plus they don't touch the hard-drive of the local machine, so you shouldn't leave as many "footprints" behind, especially on a machine that is not your own.

Performance Drawbacks

Because of the way it works, and network traffic at any given time the biggest drawback to using any of these solutions is speed.

These networks can run very slow as information requests hop all over the place. Sometimes REALLY slow.

Even if you have a really fast bandwidth connection and a very fast machine, they can be slow to render pages.

And I really wouldn't consider using them to download files. Slow.

But for general web-browsing, comment posting, and the like, they are pretty serviceable and get the job done.

So Am I Really Anonymous?

Depends on how you define "anonymous."

As I mentioned before, what these anonymizing tools will do is to give a different endpoint IP address for your browsing session instead of your "local" IP connection address.

Tech Guy Leo Notenboom posted a response to a question that these programs could be used by individuals or groups for nefarious purposes. In it Mr. Notenboom does a fantastic job of pointing out the limitations of "anonymity" with these applications:

Now, conceptually that's all very simple. But there are issues...

Your IP address is visible to the anonymization service: that's required for your connection to work. You are trusting that they are not logging your connection and logging who you're connecting to. You're further trusting that they won't reveal any of that to anyone else.

The service's IP address is visible: possibly making it obvious that you are using an anonymization service. That might make it look like you have something to hide.

Your IP address may not be the only thing that identifies you (#1): there's often other information included when you make a request that could identify you or could at least help distinguish your visits from someone else. Torpark addresses this by actually including Firefox to be used in conjunction with Torpark. Other services may, or may not, address this at all.

Your IP address may not be the only thing that identifies you (#2): as we saw with the recent search data "accidentally" released by AOL, you may not need an IP address to be identified. Many individuals were identified solely by the search queries that they made. As always, be careful with what information you provide as you browse; search terms, URLs, form information - individually they might mean nothing, but taken in aggregate you might be leaving an identifiable trail.

Another side to the "anonymous browsing" discussing regards compliance with any network policies that may (or may not) be in place.

Using any of these anonymizing software solutions at home should mostly be fair-game. But what if you use one from your work computer or laptop behind your employer's network? Or what if your kid uses one at school to bypass network filters and firewalls? Maybe you work for higher education or the government? Do you think they would care?

You might be surprised to find that they just might care, very much indeed. And not in a positive manner as well.

To summarize, Mr. Cesarini got a visit from a campus network-security tech along with two campus police detectives. Mr. Cesarini had been using Tor to become familiar with it for a course lecture.

However his unusual traffic set off alarm bells with the network security and prompted the visit.

That use alone--regardless of purpose for use--was enough to make everyone nervous and initiate a checkup. They couldn't say what he had viewed, and the logs were not entirely accurate to his own usage (apparently another TOR user was active on the campus as well) but there were logs and they were enough to lead to his door.

So non-home users...know your company's policy very well before even considering using a TOR enhanced browser in your employer's network.

System Administrators and Network Policy Drafters...make sure you have updated your policy to include coverage of this area of network technology software and usage.

The Good with the Bad

As Mr. Cesarini, Mr. Notenboom, and countless others have pointed out, anonymous Web activity can clearly be used for ill by those with criminal intent. The nature of it the technology makes tracking that activity difficult (though not necessarily impossible) for law enforcement.

However, there is much good as well bundled with these tools.

Besides the obvious use by citizens of repressive governments to express dissent, maybe a corporate whistle blower has something to say, or someone wants to send a valuable tip to a newspaper or crime-stopper organization. Then there could be the user posting discussions in a controversial Web forum, or someone wanting to do web-searches on very private and personal health issues (remember the AOL search-data fiasco, anyone...). Heck, even undercover law-enforcement officers and detectives may find beneficial use of these technologies so their undercover work doesn't have their cover blown by someone tracing the IP they are using back to their headquarters.

There still remain many fair and valid reasons that support the good use of this technology.

And I am confident that hard-working law-enforcement officers are working hand-in-hand with the brightest network security specialists (and the ISP's via court orders) to get the network traffic information they need for their investigations, when they need it to keep us safe.

Just be aware of the issues and limitations and use the power responsibly.

Firefox Version 2.0.0.2 - should be auto-update notifying by now, but just in case you still haven't gotten the notice...go get it.

Fun Free Software Toys

Gradiator - via PortableFreeware. Allows you to quickly produce gradients, and to even apply a simple gradient image to your desktop. Small and fun.

Outlook on the Desktop - .NET software application that lets you pick a main Outlook view and transparently display it on your desktop background. If you want to access an element in Outlook, just click at it and it will launch. Might not be useful if you have a ton of icons cluttering your desktop, or you are a one-monitor user and always have a window or two maximized. -via DownloadSquad.

Fun Windows Fact - The Autumn Desktop Image

One of Lavie's favorite standard Microsoft Windows XP desktop images is the one known as "Autumn". That's the one with the golden-leaved tree-enveloped street with a barn in the back.

First he somehow managed to locate a similar image in the Corbis library and then (eventually) the photographer Peter Burian. (Note #1: in the article Tosches says the image was cited as being that of James Marshall, but now the Corbis image has Peter Burian's name credited...has it been updated since the article?)

Burian eventually provided the location being in the village of Kilbride near Milton, Ontario..not because he didn't want to but he forgot where it was...it took them both a bit of time, and help from the memory of an historical archivist to find it again.

With that nugget, the Google Sightseeing team found the overhead location shot on Google Maps.

(Note #2: since the article was published, it appears that the address cited and used by the Google Sightseeing team was removed from the article...privacy reasons? Does someone not want hoards of Microsoft fanboys/fangirls descending on this holy shrine of XP-dom?)

He linked to the Star Wars Helmets site that has a variety and history of the various Darth Vader helmets. Dad is a big Darth Vader fan and it was cool to see the degree of costume work these fans and prop makers put into making some of these helmets.

Of course, while looking into the face of a Darth Vader mask could be pretty terrifying...nothing looks quite so horrific as staring into the face of a USB-mask wearing Japanese model. Apparently used in conjunction with a surgical mask acting as a particulate filter, you too can now find relief during allergy season while tackling your computing duties.

However you will now fall victim to the debilitating stares and ridicule of your co-workers...take your pick.

This morning I was checking out progress on the new PCLinuxOS 2007 release.

PCLinuxOS is the version of Linux that Alvis runs on her pc.

It has a LiveCD version, or can be installed directly to a local hard-drive.

I first came across it re-versioned as Wizard's Kid-Safe LiveCD. See my earlier post for details on this great solution for introducing your children to Linux. The host link is now dead, but you can still find copies of the iso floating around.

Anyway, I was so impressed with PCLinuxOS via Wizard's that I just ended up installing the full version of PCLinuxOS proper on Alvis's older, hand-me-down pc system. It handled all the old hardware along with the latest LCD monitor just perfectly. I was sold and my daughter is quite happy.

So when I saw word that the developers were going to be releasing a 2007 version I was ecstatic.

I've played with the beta versions via LiveCD format and it has blown me away. This team has slicked up the GUI as well as worked hard under the hood. This isn't your version 0.93 stuff any more.

How does the Amazon Honor System paybox know my name?When you look at a Web page, the words and pictures you see actually may come from several sources. Your browser software assembles the pieces and displays them as a single page. On the Web site you were visiting, most of the content you saw was transmitted from server computers used by the site's operator. The image made up of the paybox and your name displayed within the paybox was different--we sent it to you directly from Amazon.com. This allowed us to recognize you by name just like we do when you visit the Amazon.com Web site. Because Amazon.com's servers transmitted the image containing a paybox and your name within the paybox directly to your browser software, the site owner never saw the paybox or your name and never received any information about you.

Well, that is really nice...but in simpler terms...Amazon uses the "cookie" set on your computer and that retains information about you to be accessed by their own ads served by them, but placed (via code) on other web-site owner's pages. This is good for you and Amazon as the info is shared between the both of you and NOT the third-party site. According to Amazon, they also don't track or log which websites you roam across that use the "Amazon Honor System" payboxes.

Taking the Snitch out of Service

There are two easy methods to prevent your name appearing in the "Amazon Honor System" ad boxes when you surf.

Amazon explains that you can prevent your Amazon name display from appearing by logging into your Amazon account and updating your communication preferences.

Or (and my preferred method) is that you can just remember to log out of your Amazon account when you get done shopping there.

Despite the amount of attention I give to secure on-line shopping and browsing habits, the Amazon site continues to give me "problems". Once you have completed a shopping session you seem to be returned back to a personalized Amazon "home-page" and it is very easy to forget you are still logged into your account.

I only wish they would make a clearer transitional page after your order has been completed. One that offers to return you to shopping in your account or to log out of your account.

Once I went back to the Amazon website and "logged out" of my account (done by clicking the link at the top that says to check it if I am not me) I browsed back to PCLinuxOS and my name was no longer displayed.

No Harm-No Foul (this time)

Let me be crystal clear; I'm not griping or complaining or questioning Amazon or their security. Amazon is one of a handful of online-shopping merchants that I have used for a very long time with trust and confidence. I haven't yet been burned by them or any of their associate merchants.

And it is clearly my responsibility to remember to log out of my own accounts on-line.

I'm not fussing about their "Amazon Honor System" either. It's pretty cool and a great revenue generator for smaller, donation-supported projects.

I just wanted to bring this small matter to your attention and wish for Amazon to make a more prominent "Log Out of Account" button instead of their "Click if you are not me" method.

Cross-site (XSS) Vulnerabilities

What this does do is give a good example of how a cookie could be utilized for malicious gain.

Suppose (for example) a hacker wanted to gain access to information located in a cookie on my machine set by a merchant I conduct on-line business with. Obviously it could contain some goodies.

By exploiting a potential vulnerability in my browser and maybe getting me to visit a malicious (fake) website, they could manipulate the code to extract information from a cookie or cookies on my machine, or change the information on it...although it is not limited to just cookie exploitation and account theft, but may include sensitive page content or other objects as well. Even (depending on what data is stored in that cookie) to the point of being able to hijack my account, drain it or collect secure information about me or my account from it.

There are several readable papers and pages on this issue worth looking into:

Protecting oneself from XSS is a difficult, but not impossible task. There are some basic pointers you may want to follow:

Always log out of secure web accounts when you are done conducting business. With the exception of one or two "tossaway" accounts on a tech-blog page or two (or Amazon when I forget) I never leave any account that I have to log into without logging out.

Keep your web-browser fully patched and up to the latest version.

Avoid following links, site unseen. By that I mean if you are viewing a website and it links off-site to another link, type the homepage of that site into your address bar and browse from within the home site. Of course, this takes away most of the fun (and function) of web-surfing, but there you go.

Turn off JavaScript in your browser, or only enable it on trusted websites. See the NoScript - Firefox Add-on.

Set your browser's Internet security settings to "High". That might make your fun web-browsing very challenging as well, however.

Be careful on what you click on. Examine what and where you are about to go. If the link in a web-forum or "guestbook" says "Click here to see puppies" but when you hover over the link, your browser displays information showing the link goes to someplace like www.hollieshouseofpuppyhorrors.com (not a real site, BTW) then you probably want to think twice before following that link.

I never did get it working on Windows 2000 Professional. So keep a copy of Windows Virtual PC 2004 around if you intend to run VPC on any of those systems.

I was really curious to see if the Final version would work on XP (Home)

I made sure none of my virtual machines were in a "paused" state. Then I uninstalled VPC 2007 RC.

Looking to see what Microsoft may have done to appease the few XP Home users out there clamoring for Virtual PC 2007, even it isn't "supported" I took a gamble and ran the setup.exe installer without going through my "hack" technique.

After a long pause the installer displayed that this was v.6.0.156.0.

With great trepidation, I clicked "Next" and got a really dire and scary sounding warning that VPC 2007 wasn't supported on this OS. I clicked OK anyway. No idea what was about to happen.

Imagine my surprise when the license agreement appeared! I said "OK" and kept going.

Next up was a customer information window, with a license key already inserted. (Next).

I clicked Install for a final time and the installation formally began.

After what seemed like a very long time, the installer finished.

I launched the VPC 2007 icon from the Program Folders list.

My saved DSL-Linux, Windows 98 and Vista (RC 5600 build) were all there and all worked great.

I've still got to go back and uninstall the Virtual machine additions from the two Windows OS's and install the new one. I don't know for sure if it was changed at all in the final version, but it wouldn't hurt.

Yes! Microsoft Virtual PC 2007 Runs on XP Home ... What about the hack method?

This time the installer again complained about not being on put on a supported system. I continued clicking through the installation and it seemed to take fine. When I ran it, this time it complained about not having MS XML 6 installed. Hmm. I ran the MS XML 6 installer setup file extracted from the setup.exe file and it went on fine.

Now when I re-launched the Virtual PC 2007 it complained one more time about not being on a supported system, but offered a box to check to not remind again. I selected it and it was happy.

My virtual version of Vista fired up fine and stable on my XP Home system. OK!

So at this point, I can say that the "hack" still works, but with the additional step of manually running the included MS XML 6 installer this time.

Skip the Hack - Just Run setup.exe

As much as the "hack" method is fun, there doesn't really seem to be any need for it now.

The Virtual PC 2007 final release's setup.exe file seems to give fair warning about putting it on a XP Home system, but otherwise it goes on fine, just like Virtual PC 2004 did. So in all honesty, I can't say I would recommend the hack now. As long as it goes on fine, you should be good to go.

I'm happy to see that Microsoft programmers have now allowed Virtual PC 2007 to go on XP Home systems with minimal fuss. That's cool if they don't want to "officially" support it. I understand, but appreciate them allowing it without needing to jump through hoops to make it work.

I never did get the hacked version of the Beta working on Windows 2000 Professional, and I don't have one handy right now to test it on. I'll do an update when I find out for sure. In the meantime, just keep a copy of the installer for Virtual PC 2004 handy for those machines.

I like the message tagging (great for e-bill management), and the default theme is nice. I'm not sold on the usefulness of the forward/backward buttons but there they are (once you add them with by customizing the toolbar). Folder views are customizable as well. The email alert popup contains much more useful information, I'm happy to see that change. There are a number of other features as well. I am really looking forward for the final release.

When you install the Thunderbird beta 2 version, it installs in its own folder, to avoid overwriting your original build. That hasn't been a problem as they both seem to use the same profile folder/settings so reconfiguration is kept to a minimum.

I ran into only two minor drawbacks--not Thunderbird's fault. First, when I would launch one version after the other they would keep offering to make itself the default email tool. I finally told one of them "No" and set it to not check for the being the default. Harmony reigned.

The other issue was with incompatible themes and extensions. I just use one or two "custom" themes and really don't use any Add-ons for Thunderbird at all. I just uninstalled the one v 2.0 incompatible theme and was fine. Mozilla's Lightning (integrated calendar program) seemed to not even blink an eye between each version. Nice.

It seems quick and nice.

To the Customization!

I'm sure there are a lot of customizations one can do in Thunderbird, besides the use of Themes and Add-ons.

Normally it has a nice, plain, welcome to Thunderbird logo and message.

However, if you go to the Tools, Options, General tab, you will find you can set this to any other location that uses a supported file format.

By default it uses: chrome://messenger/content/start.xhtml

You can use others like a HTML or JPG file.

If you get something messed up, just press the "Restore Default" button and all will be back to normal--this is pretty safe stuff, even for noobies.

Me, I wanted to see a pretty face waiting for me when I opened up my email.

Picking a graphic

I decided to use this pretty picture of Love Hina's star, Naru Narusegawa. The colors seemed to compliment the pastel-washed ones of the default Thunderbird theme. And there was lots of room for cropping (that is important).

Once downloaded I wanted to crop and resize it to fit the start page window of Thunderbird without generating those scroll bars.

I almost never bother resizing my email client. So since I leave it at the same size, the first thing I needed to do is to see the pixel dimensions my final image file needed to take.

Screen Measuring

There are all kinds of ways to measure elements on your windows.

For this, I chose to use the freeware screen ruler application from PegTop called "PMeter". It installs quickly and is very powerful yet very intuitive. JR Screen Ruler is another freeware utility very similar. I consider either tool a "must have" for web page work, bloggers, or graphic designers. Firefox has a great Add-on as well called MeasureIt. Also nice.

Launching Thunderbird and making sure that it was sized correctly, I then ran PMeter and took a pixel measurement of the width and height of the start page pane area. Mine worked out to 850x350 rounding downward to leave a bit of whitespace around my final image. I wrote that down.

That will be how big my final image dimensions will need to be.

Image Manipulation

For quick image cropping and resizing I don't think that there is a better utility than FastStone's Image Viewer. This free-for-personal-use application is tops in my book for quick image editing and I would highly recommend it to any blogger who works with images.

I opened up the downloaded file of Naru in Image Viewer and then began by resizing it. to match the width I needed. This meant locking the aspect ratio and bringing the width down from 1024 to 850. Done.

Now I needed to get the height worked out. This was a bit harder. I had to do some careful cropping on the image to make sure I included enough of the character's image and features to make the image pleasing. Once I got it fined tuned (the cropping tool allows a lot of adjustments on the fly) I was almost done.

(Note you may decide that cropping first, then resizing works, or maybe just cropping. The best technique depends as much on the image you have chosen as well as your skill working with these programs.)

Last thing I did was just slightly increase the brightness level to give it a bit more of a washed-out effect to better match the muted colors of the Thunderbird theme.

I saved the file as a JPEG format with 100% (highest) compression in my My Documents\Pictures folder for safe keeping.

Calling the Custom Image

Now, we are almost done.

Going back to Thunderbird, I went to the Tools, Options, General tab and entered the following path in the Start Page location line:

Take a look at these Screenshots, a list of Places to Fly, get a world-wide Scenery expansion pack. Like aircraft? Take a look at all these! Including Santa's sleigh, paragliders, a Sopwith Camel, the X15,

They even offer a Live-CD version. Boot your pc directly from the CD and it doesn't touch your hard-drive.

Although it has a single-player mode, it really runs strong in a on-line multiplayer environment. Supports Windows and Mac.

Be Organized

allsnap - This is one of those tiny little system tools that you don't realize you probably need until you find and use it. Most Linux systems have this "feature" already.

Allsnap automatically "snaps" your open windows to either the edges of the screen or the edges of other windows. That's it. Nothing fancy, but quite useful.

You can set several options like the "snap-zone" (how close a window needs to be to an edge before "snapping" occurs and some advanced fine-tuning features.

It is simple, light and quite nice.

Bonus tip: to quickly cascade all the windows on your Windows pc, just right click on the task-bar and select the "Cascade Windows" menu item. All your windows will form up in a nicely-sized cascade stack! Who knew? (tip via technofile)

Be Artful

Inkscape. Draw Freely. - Probably the most popular Open Source vectoring software out there. I love it, and each release just gets better. Current version now up to .45 Windows, Mac, and Linux friendly.

Think vector graphics are just about lines and solid colors? Take a took at Brazilian Luciano Lourenco's photo-realistic creation with Inkscape. Wow. Luciano's making good use of that new Gaussian Blur capability in Inkscape.

Komodo Edit - My latest find in the quest to find a good HTML coding tool. . It has tabs, supports Perl, PHP, Python, Ruby, JavaScript, CSS, HTML and XML. Syntax checking and coloring is built in with tips on the fly. Works with Linux, Windows and Macs. Free from ActiveState software! (found via mykzilla: Three Things I Love About Komodo)

Not all free software sites and link pages are alike. Some are trustworthy, but there are too many on the Web that may be dishing up files of dubious quality and integrity. These are some of the select-few I trust.

I've had a 4G iPod for a while now. I feel I've been quite proficient with it's management.

I can make playlists.

I can apply custom album art.

I can sort.

I can handle the radio and podcast features with aplomb.

I can even quickly and easily purchase music from iTunes.

...or so I thought.

Why does something Apple seems to pride itself so much on be so difficult?

Maybe it was just me.

The Adventure Begins

I have an iTunes account already established and have bought the odd-single for Alvis. Nothing near the level of investment that my brother has apparently contributed, but I'm quite conformable with the process.

Heck, it's even easy.

Oh how wrong I was...little grasshopper me.

For Valentine's Day, Lavie and Alvis gave me a $15 iTunes gift card.

I've had a hard time picking out what music to get.

I was very close to putting up a post asking (based on my genre likes) what 15'ish songs my dear blog friends would recommend; to get an fun eclectic mix. I may still do something like that soon.

I was about to spring for the new Nora Jones album Not To Late, but then inspiration hit...and my problems with iTunes began.

The Heartless Bastards...

See, I remembered one of my fav up-and-coming bands, The Heartless Bastards, had recently released a new album. There's just something about vocalist Erika Wennerstrom's rough and edgy voice that makes this band great. Might iTunes carry it?

A quick "Browse", no that doesn't help me...a quick "Power Search" and I've got the album in my sights! Just $9.99! Score!

It took me three attempts to scrape off the covering of the iTunes "pin" number...each time requiring a harder and sharper grade of metal. I was set!

I was already logged into my iTunes account, so I clicked the "Buy Album" button and it warned I was about to purchase the music.

No request if I wanted to use my iTunes card? Hmmm.

I backed out and tried again. Same thing.

What? I can use my iTunes card right? Isn't that how it is to work?

Because the iTunes purchase message looked pretty clear and firm, I decided I needed to check into whether I was using my iTunes card correctly.

I scanned the steps and had done all the steps, but apparently I needed to find the QUICK LINKS window on the iTunes Store homepage...then go to the "Redeem" link. Ohhh.

So I have to redeem my iTunes gift-card first, THEN I can make a purchase decision.

Well that was clear...as mud.

Wonder why other stores don't use this awesome gift-card model? Wouldn't Amazon be such a better on-line store if they required their customers to redeem all their credits BEFORE making a purchase, instead of during the checkout process? Got a gift card for Joe's Crabshack? Gotta give it to the hostess first to redeem before being seated at the table and getting your menus.

Anyway.

iTunes Redeemed

Once I got it redeemed, I did notice (pleasantly) that Apple tracks your "store-credit" in a little window up at the top-left of iTunes by your login name.

Back to The Heartless Bastards album page. Quick-click purchase done and in less than five minutes I had it downloaded.

That (sincerely) is a nice touch....and a constant reminder of how much you have waiting to spend. Alvis noticed that I had a balance remaining and sweetly asked if she could have a song....Five for Fighting's "The Riddle". Sure. I like that one too.

So now I know what do do with my iTunes cards now....redeem it, then spend it.

I've got about two or three songs left of credit. I'm not quite sure what I will do with them.

I'm likely going to try one or two of the few Japanese albums the US iTunes carries.

iTunes Japan

If you really love Japanese music, you can head over to JBOX and pick up some Japanese iTunes cards, then log into the iTunes Japan website. As long as you use the Japanese iTunes cards, you can purchase and download music once logged into the iTunes Japan site.

There were a set of three stacked platters under it that each had holes. Before the game started, you would spin each platter setting the holes randomly. They clattered quite loudly as they spun.

As the game progressed, you would buy land, spend money to drill holes. Then came the best part.

There was a large plastic "oil-derrick" that you would place in a hole you intended to drill. Depending how the hidden holes in the platter lined up, a metal rod would be able to drop clear through resulting in a dry well, to it not getting past the top platter resulting in a "gusher".

The tiny plastic 3-D pieces were really fun. There were sheds and well caps and oil derricks. There were pipelines to set...all kinds of stuff. Pictures via Board Game Geek

It was a lot of fun and we played it a lot. I even remember playing it in the backyard some days.

GamePart sells the whole game now for $75, as well as assorted parts. (Sold out currently. Don't know if eBay has it....)

Seems kinda dated now in light of our current PC attitudes to the oil industry. Can't imagine this game making a popular appearance at the toy-store shelves.

It was more a game of the times, when the oil business still had a bit of "glow" to it and less the complicated love-hate affair it seems to have become.

I wonder if mom still has it somewhere....

Obviously, it didn't indoctrinate me at all as I didn't choose to go into the "family business." But it was a lot of fun, and I can see why my parents would have picked it up off the shelf.

A Grandpa Story

Which then reminds me of a fond story about Grandpa.

He owned a super-big, bright-red early 70's Lincoln Continental with a bright white vinyl roof. Lots of chrome, of course. He would always wear a straw cowboy hat and wore boots on his feet. And he loved wearing "bolo" style neck ties.

He looked like a "King Oil" Texan if ever you saw one on Dallas.

One day he was driving around and someone pulled up next to him and was obviously impressed by his look.

Through the window of their car they asked him if he owned any oil-wells.

Grandpa says he just looked over at the other driver and slowly raised his hand. He spread apart three fingers wide and clear and just grinned as he slowly pulled away.

Grandpa never owned any oil-wells, but he loved Texas and a good joke.

OIL: The Great Adventure - Very "old-school" style boardgame. Very detailed and according to the web-site author, provides a pretty realistic (for the 70's) review of the oil production process. Surprisingly, it seems to have been originated in Sweden and manufactured in Australia.

For many years I used to be a moderate fan of NASCAR racing. Most Sundays (or the occasional prime-time Saturday night) I could be found camped out in front of the television watching cars go around in circles for hours.

Lavie sometimes would watch with me.

Generally I stuck with the Nextel (Winston) Cup races of the big boys. I didn't really follow the Busch series. And the Craftsman truck series comes on at some really weird times so I never followed that.

I even had a NASCAR sticker on my pick-em-up truck (when I owned one).

The year before last, my attention to NASCAR began to drop. I caught maybe a race a month.

Last year I didn't watch a single race. Although, I still tried to follow the points race and drives when they made the news.

So this year, the Daytona 500 begins again. Controversy swirls the air around the track better than the wind generated by the cars running at full-throttle. Michael Waltrip's team has been devastated by allegations of cheating and rule breaking. Even wonder-boy Jeff Gordon got caught up when his car was found to (accidentally as it stands now) have been using parts causing it to be lowered by 1-inch.

Post Race Update: This year's race turned out to be quite fun. Long race stretches with a minimum of yellow flags. Some action in pits. The "Big Ones" in the end were quite spectacular--luckily, no-one got hurt very bad. Dale Jr. got his car creamed...too bad. The Toyotas finished in 22, 30, 34, and 40th place. Lavie didn't stick around during the race with me, but Alvis did (playing her GameBoy DS). Occasionally she would act the part of the interested daughter asking, "Where's Jeff (Gordon) at?"

Saturday, February 17, 2007

I can make quick, decisive decisions while at work, but can take several hours in a mall trying to decide which polo-shirt I want to buy.

I've been known to walk out of a mall after more than three hours, with Lavie not-so-silently muttering under her breath, without finding a single pair of jeans that I thought felt right.

I will go a week without eating lunch, so I can save the budget money to buy a new anime DVD.

I am compelled to toss out any leftovers more than two days old.

I don't go to bed without making sure all the dirty dishes have been loaded in the dishwasher.

I'd rather not wear my glasses in the house, rather than admit it is time to dust again.

But one of my hidden "bad-habits" is my Pocky.

Pocky. Those chocolate-covered, overpriced, demon-snack sticks loved by otaku. And if you believe the Pocky marketing blitz, is a really popular snack in Japan as well.

I have boxes stashed all over the house; in the study, in the living room, in the bedroom, at work, and in my car.

I can't go to the grocery store without buying at least two boxes, even if I have 10 unopened ones already.

I also have a Giant Pocky box the girls found for me one year.

Pocky are (generally) chocolate covered crisp-stick snacks. They are very thin and very good.

Please, Mizuho...Can I have some more?

I blame my addiction on Mizuho Kazami. Onegai (Please) Teacher was my first anime series to collect and fall in love with. It is sweet, tender, and deeply romantic. It was also how I managed to get Lavie hooked on anime with me.

In the series, Mizuho consumes vast quantities of Pochy. We soon learned that was a homage to Pocky snack-sticks and were both searching for boxes to see what the fuss was about.

Before we knew it we were hooked.

As our love of Pocky and anime expanded, we began to see it cropping up in cameos within other anime we watch; Eureka Seven (Precky), Please Teacher (Pochy), and Spirited Away (Pock). It's a fun game now. And we can't watch any Onegai Teacher episodes without a box or two nearby to munch on.

Pocky Picks

Pocky comes in a variety of flavors. The Pocky Gallery lists 30 types and flavors, some more hard to find than others. I'm looking to find the "Men's Pocky" flavor, as it is made with a darker chocolate than the standard Pocky which I usually get. Alvis prefers the strawberry flavored Pocky. Lavie likes the Almond-Crush Pocky best. I'd also like to try the Green Tea Mousse Pocky as well as I like green teas.

We don't generate that much waste each week, so I usually can get by setting out our two cans once a week. Sometimes I don't even have to put out a can. Just a bag will do.

This morning I set out a pair of my Justin steel-toe work-boots. Finally. They weren't well worn. On the average, I might wear them once every two months. This was a very uncharacteristic move, as I usually work hard to wear out a pair of boots. These looked quite new...and that was the problem.

When I bought them several years ago, I was doing lots of work installing heavier items, 100lb UPS batteries, installing new server racks, etc. Seemed like a good idea at the time. I'd had steel-toed boots before with great happiness, so finding a brand that looked good and felt pretty comfortable made me quite happy.

"Pretty comfortable".

That's what got me into trouble.

See, my feet are in that zone that, like jeans, makes it challenging to shop for. They don't seem to be fully "wide" but a normal width usually feels a bit tight at the end of the day, but a wide size seems way too roomy. I usually try to buy my boots and shoes at the end of a long day on my feet so they have spread enough to be representative of how my feet would really fit in them.

Anyway, turns out that these really nice boots ended up being a bit tight on the arch just before my toes. It didn't have anything to do with the steel toe-cap. That was very comfortable...but each time I put them on to wear getting ready in the morning, I would inevitably end up changing them before I left the house.

Maybe I didn't give them a chance, but it's not a good sign when I'm self conscious of how my feet feel in the morning before I leave for work.

So I decided to pull the trigger and "permanently retire" them.

It was for the best.

Nothing hurts worse than a toothache or a pair of uncomfortable work-boots.

Now I have to find a replacement pair....and the search begins anew....

Like those boots I had been holding onto, here are some links I need to set out on the curb for your enjoyment....

Since we are on the subject of pc file cleaning. For some heavy duty "Brillo-pad" work, try CCleaner (freeware). Use with caution, because it can clean more than you may want if you aren't careful. USB-friendly "portable" version here.

Ever wonder How To Defragment a Drive From The Command Prompt? Well, Daily Cup of Tech has that covered as well! I don't know if it runs any faster than the GUI method, but it does work. As an added bonus, some guidance is provided for setting up "batch-files" for custom defrag runs. I've tried several freeware defrag tools, but always end up going back to the XP/2000 system installed defrag programs.

Sysinternals has some of the best Windows utilities on the planet. And they are free. I usually use one or two daily in my job or at home. If you have a hard time picking which ones you need, just hit the "Easy" button and download them all at once! Sysinternals Suite (--via Lifehacker)

BlackBerry Patch? Yes! Don't get Poked!

At the moment, I don't have the pleasure (or pain) of being assigned a BlackBerry device at work. We do use them in our environment however, and have to install and support them for our VIP executives.

So if you are a BlackBerry user, be warned that BlackBerry has now posted a patch to help manage the Daylight Saving Time changes. Go see if you need it, unless you plan to switch it over manually. (--via downloadsquad)

Firefox Self-Patching

Michael Zalewski found a vulnerability in the Firefox 2.0.0.1 code that could allow a malformed URL served by a malicious website to misdirect under a URL that appears to be legit as well as messing with your cookies under certain conditions. (See how your Firefox browser fares in a test site he created here.) This could be a serious problem, depending on your surfing habits.

There are two "workaround" techniques to disable the vulnerability.

Mozilla Links offers a solution by adding a new line in the about:config preferences:

To summarize: Mozilla has been removing a large number of "marginal" and no-longer-maintained Add-ons, as well as those only offered for older Mozilla application versions. Additionally, Add-on's are going to be placed in a "discussion and review" sandbox before being added to the site. Trusted Add-ons will go directly to the public once updated, while new ones and "untrusted" add ons will need to be reviewed and discussed before made public on the "official" Mozilla Add-on site. Take a look at the excellent flow-chart diagram at that link.

Developers can always continue to offer their Add-on's to Firefox and Thunderbird from their own personal websites. Mozilla isn't restricting that at all. They are just trying to deal with an "extension-bloat" issue that has made it difficult of late to sort out the "wheat from the chaff" on the "official" Add-on site of late.

I think it is a smart decision, as many new Firefox users will turn to Mozilla's Add-on site as their primary source for Add-on's. If they get burned by a bad or less-than-useful extension obtained here, that might leave a bitter taste in their mouth for the Firefox/Mozilla experience. Think of it as Quality Control.

Places is to be a new design by Mozilla for storing bookmarks, history and other related page information. It was much anticipated to be included in Firefox 2.0, but missed the cut. Tentatively it now looks to appear in Firefox 3.0.

Also seen in those notes, is discussion to nominate some current popular extensions for inclusion in Firefox. That is a bigger deal than it appears, as Firefox has always been touted (among other things) as being small, fast, and light. The whole "extensibility" of Firefox makes it a popular alternative to Internet Explorer--add what you need and leave out what you don't.

I think the field of offline web applications is area that has the potential to grow into a very strong and healthy supportive branch of the overall web-browsing experience and it may just help redefine what the "Web" is down the road.

Credits

Why this? It is the simple blog of a Last Exile fan and is intended to express the enjoyment we derive from studio Gonzo's production. Although we closely relate with those characters, we aren't them in real life. We just want to keep the memory of these incredible young kids alive. So go buy Gonzo's Last Exile DVD's!